a Django-based indieweb.org site https://00dani.me/


  1. from django.views import View
  2. from django.utils.decorators import method_decorator
  3. from django.views.decorators.csrf import csrf_exempt
  4. from .. import tokens
  5. from ..models import IndieAuthCode
  6. from lemoncurry import utils
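@method_decorator(csrf_exempt, name='dispatch')
class TokenView(View):
    """IndieAuth token endpoint.

    GET verifies the token presented on the request and echoes back its
    ``me``, ``client_id`` and ``scope``. POST redeems a one-time
    authorization code for an access token. CSRF protection is disabled on
    ``dispatch`` because the callers are other sites' clients, not browser
    sessions of this site.
    """

    def get(self, req):
        """Describe the token carried by *req*.

        ``tokens.auth`` either yields a token object or an already-built
        response; the latter is detected by its ``content`` attribute and
        returned unchanged (presumably an error response — the helper is not
        visible here). Otherwise the token's ``me``, ``client_id`` and
        ``scope`` are rendered via ``utils.choose_type``.
        """
        token = tokens.auth(req)
        if hasattr(token, 'content'):
            # tokens.auth already produced an HTTP response (a rejection, most
            # likely); pass it straight through rather than treating it as a token.
            return token
        return utils.choose_type(req, {
            'me': token.me,
            'client_id': token.client_id,
            'scope': token.scope,
        })

    def post(self, req):
        """Exchange an authorization code for an access token.

        Every rejection is a generic ``forbid``/``bad_req`` response from
        ``utils``; the code is deleted as soon as it is found, so a failed
        attempt cannot be retried with corrected parameters.
        """
        post = req.POST
        code_value = post.get('code')
        if not code_value:
            # A missing or empty code can never match; reject it up front
            # instead of querying the database for a null primary key.
            return utils.forbid('invalid auth code')
        try:
            code = IndieAuthCode.objects.get(pk=code_value)
        except IndieAuthCode.DoesNotExist:
            return utils.forbid('invalid auth code')
        # Consume the code before any further validation so that it can only
        # ever be redeemed once, even when the checks below fail.
        code.delete()
        if code.expired:
            return utils.forbid('invalid auth code')
        if code.response_type != 'code':
            return utils.bad_req(
                'this endpoint only supports response_type=code'
            )
        # client_id is a required parameter of the token request: the code is
        # bound to the client it was issued to, so an omitted client_id must
        # fail the comparison rather than skip it.
        if code.client_id != post.get('client_id'):
            return utils.forbid('client id did not match')
        if code.redirect_uri != post.get('redirect_uri'):
            return utils.forbid('redirect uri did not match')
        # 'me' is optional on the token request; only compare it when supplied.
        if 'me' in post and code.me != post['me']:
            return utils.forbid('me did not match')
        return utils.choose_type(req, {
            'access_token': tokens.gen_token(code),
            'me': code.me,
            'scope': code.scope,
        })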